
EAST Search History 



Ref 
# 


Hits 


Search Query 


DBs 


Default 
Operator 


Plurals 


Time Stamp 


LI 


0 


request.clm. and service.clm. and 

uscr.cim. ana Ubcr bpace .urn. 
and kernel.clm. and memory.clm. 
and security.clm. and 
authenticat$3.clm. and computer, 
elm. and method.clm. and 
transsmit$4.clm. 


US-PGPUB; 

1 ICDAT 


OR 


OFF 


2006/10/13 12:09 


L2 


1 


request.clm. and service.clm. and 

ncor rim anH "near cnaro" r\ m 
Ubcr.Liiii. anu Ubcr bpdLc .i-ini. 

and kernel.clm. and memory.clm. 
and security.clm. and 
authenticat$3.clm. and computer, 
elm. and method.clm. and 
transmit$4.clm. 


US-PGPUB; 

1 I^PAT 

Ujrn 1 


OR 


OFF 


2006/10/13 12:09 


L3 


1 


request.clm. and service.clm. and 
ubcr.cim. anu ubcr space .cim. 
and kernel.clm. and memory.clm. 
and security.clm. and 
authenticat$3.clm. and computer, 
elm. and method.clm. and 
transmit$4.clm. 


US-PGPUB; 

UjrM 1 t 

USOCR; 
FPRS; 
EPO; JPO; 
DERWENT; 
IBM_TDB 


OR 


OFF 


2006/10/13 12:09 


L4 


128 


request and service and user and 
user space and Kernel and 
memory and security and 
authenticate and computer and 
method and transmit$4 


US-PGPUB; 

1 ICDAT. 

USOCR; 
FPRS; 
EPO; JPO; 
DERWENT; 
IBM_TDB 


OR 


OFF 


2006/10/13 12:15 

• 


L5 


128 


request and service and user and 
"user space" and kernel and 
memory and security and 
authenticate and computer and 
metnoa ana transmit$ £ t 


US-PGPUB; 
USPAT 


OR 

* 


OFF 


2006/10/13 12:10 


L6 


82 


726/23 


US-PGPUB; 

1 ICO AT" 

USPAT 


OR 


OFF 


2006/10/13 12:10 


L7 


7282 


726/4 or 713/164 or 713/167 or 
726/23 Or 713/200 


US-PGPUB; 

i ipnAT 

USPAT 


OR 


OFF 


2006/10/13 12:11 


L8 


20 


7 and 5 


US-PGPUB; 

1 ICDAT 


OR 


OFF 


2006/10/13 12:11 


L9 


14 


"abrams".inv. and roger 


US-PGPUB; 
USPAT 


OR 


OFF 


2006/10/13 12:12 


L10 


6 


9 and kenneth 


US-PGPUB; 
USPAT 


OR 


OFF 


2006/10/13 12:12 



10/13/06 12:18:38 PM 

C:\Documents and Settings\KZand\My Documents\EAST\Workspaces\default.wsp 



Page 1 



EAST Search History 



Lll 


1019408 


380/200 or 399/366 or 455/26.1 

or 7007771; or 7AC/1Q or "700" or 

or /uu/zzd or /to/io or /uu or 
"225" or 711-/164 or 713/187 or 
"714" "768" or 726/21 


US-PGPUB; 

1 ICDAT* 

USOCR; 
FPRS; 
EPO; JPO; 
DERWEIMT; 
IBM_TDB 


OR 


OFF 


2006/10/13 12:17 


L12 

• 


3473 


380/200 or 399/366 or 455/26.1 
or /uu/zzd or /lo/io or /uu/zzd 
or 711/164 or 713/187 or 714/768 
or 726/21 


US-PGPUB; 

USOCR; 
FPRS; 
EPO; JPO; 
DERWENT; 
IBM_TDB 


OR 


OFF 


2006/10/13 12:18 


L13 


9995 


12 or 7 or 6 


US-PGPUB; 

1 ICDAT. 

USOCR; 
FPRS; 
EPO; JPO; 
DERWEIMT; 
IBM_TDB 


OR 


OFF 


2006/10/13 12:18 


L14 


23 


13 and 5 


US-PGPUB; 

1 IQPAT* 

USOCR; 
FPRS; 
EPO; JPO; 
DERWENT; 
IBM_TDB 


OR 


OFF 


2006/10/13 12:18 



10/13/06 12:18:38 PM 

C:\Documents and Settings\KZand\My Documents\EAST\Workspaces\defeult.wsp 



Page 2 



Results (page 1): request and service and user and "user space" and kernel and memory an.„ Page 1 of 7 

a/ PL Pl**^<c£rjJ 

Subscribe (Full Service) Register (Limited Service, free) Login 
Search: & The ACM Digital Library O The Guide 




USPTO 



request and service and user and "user space" and kernel and; 




1* Eeedbacjc ReporLa„prpMe(n SMsfaMon.sury.! 



F 

Terms used request and service and user and user 61 
space and kernel and memory and security and authenticat$3 and computer and method and transmit$4 

18( 



Sort results by relevance 



Display results expanded form 



Save results to a Binder 



^SeajchJips 

□ Open results in a new window 



Try an Advanced Search 

Try this search in The ACM. Guide 



Results 1 - 20 of 200 
Best 200 shown 



Result page: 12345678910 next 



Relevance scale UQE 



1 Cryptography as an operating system service: A case study 

Angelos D. Keromytis, Jason L. Wright, Theo De Raadt, Matthew Burnside 
February 2006 ACM Transactions on Computer Systems (TOCS), volume 24 issue l 

Publisher: ACM Press 

Full text available; pcif(669.12 KB) Additional Information: fult citation, abstract, references, index terms 

Cryptographic transformations are a fundamental building block in many security applications 
and protocols. To improve performance, several vendors market hardware accelerator cards. 
However, until now no operating system provided a mechanism that allowed both uniform and 
efficient use of this new type of resource. We present the OpenBSD Cryptographic Framework 
(OCF), a service virtualization layer implemented inside the operating system kernel, that 
provides uniform access to accelerator functio ... 



Keywords: Encryption, authentication, cryptographic protocols, digital signatures, hash 
functions 



2 %stem^ 

i&i Robert Grimm, Janet Davis, Eric Lemar, Adam Macbeth, Steven Swanson, Thomas Anderson, Brian 
^ Bershad, Gaetano Borriello, Steven Gribble, David Wetherall 

November 2004 ACM Transactions on Computer Systems (TOCS), volume 22 issue 4 

Publisher: ACM Press 

Full text available: ^pd£182. MBi Additional Information: MLcJMiQJL abstract., references, index temis 

Pervasive computing provides an attractive vision for the future of computing. Computational 
power will be available everywhere. Mobile and stationary devices will dynamically connect and 
coordinate to seamlessly help people in accomplishing their tasks. For this vision to become a 
reality, developers must build applications that constantly adapt to a highly dynamic computing 
environment. To make the developers' task feasible, we present a system architecture for 
pervasive computing, called & ... 

Keywords: Asynchronous events, checkpointing, discovery, logic/operation pattern, migration, 
one. world, pervasive computing, structured I/O, tuples, ubiquitous computing 



3 Evaluating the performance of user-space and kernel-space web servers 

Amol Shukla, Lily Li, Anand Subramanian, Paul A. S. Ward, Tim Brecht 
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October 2004 Proceedings of the 2004 conference of the Centre for Advanced Studies on 

Collaborative research 
Publisher: IBM Press 

Full text available: prif(91.7Q KB) Additional Information: full citation, abstract, references, index terms 

There has been much debate over the past few years about the practice of moving traditional 
user-space applications, such as web servers, into the kernel for better performance. Recently, 
the user-space userver web server has shown promising performance for delivering static 
content. In this paper we first describe how we augmented the userver to enable it to serve 
dynamic content. We then evaluate the performance of the userver and the kernel-space TUX 
web server, using the SPECweb99 workloa ... 

Process migration 

Dejan S. Milojicic, Fred Doughs, Yves Paindaveine, Richard Wheeler, Songnian Zhou 
September 2000 ACM Computing Surveys (CSUR), Volume 32 issue 3 

Publisher: ACM Press 

Full text available- fB pdffl.24 MB) Additional Information: fall citation, abstract, references, citings, index terms. 
^ ^ review 

Process migration is the act of transferring a process between two machines. It enables 
dynamic load distribution, fault resilience, eased system administration, and data access 
locality. Despite these goals and ongoing research efforts, migration has not achieved 
widespread use. With the increasing deployment of distributed systems in general, and 
distributed operating systems in particular, process migration is again receiving more attention 
in both research and product development. As hi ... 

Keywords: distributed operating systems, distributed systems, load distribution, process 
migration 



Efficient use^ 

R. Gopalakrishnan, Gurudatta M. Parulkar 

August 1998 IEEE/ ACM Transactions on Networking (TON), volume 6 issue 4 
Publisher: IEEE Press 

Full text available: ^pdf(205,42„KB}, Additional Information: full. citation, re.ferenc.eSj citings., index temis 



Keywords: multimedia communication, networks, operating system kernals, processor 
scheduling, protocols, real-time systems, transport protocols 



6 The KaffeQS Java runtime system 

Godmar Back, Wilson C. Hsieh 
^ July 2005 ACM Transactions on Programming Languages and Systems (TOPLAS), volume 27 

Issue 4 

Publisher: ACM Press 

Full text available: ^ pdff704.30 KB) Additional Information: full citation, abstract, references, index terms 

Single-language runtime systems, in the form of Java virtual machines, are widely deployed 
platforms for executing untrusted mobile code. These runtimes provide some of the features 
that operating systems provide: interapplication memory protection and basic system services. 
They do not, however, provide the ability to isolate applications from each other. Neither do 
they provide the ability to limit the resource consumption of applications. Consequently, the 
performance of current systems degra ... 

Keywords: Robustness, garbage collection, isolation, language runtimes, resource 
management, termination, virtual machines 
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UFO: a personal qiobal file system based on user-ievel extensions to the operating system 
Albert D. Alexandrov, Maximilian Ibel, Klaus E. Schauser, Chris J. Scheiman 
August 1998 ACM Transactions on Computer Systems (TOCS), volume 16 issue 3 

Publisher: ACM Press 

Full text available- *pi pdf(251 25 KB) Additional Information: full citation, abstract, references, citings, index terms. 
^ ' ~ W review 

In this article we show how to extend a wide range of functionality of standard operation 
systems completely at the user level. Our approach works by intercepting selected system calls 
at the user level, using tracing facilities such as the /proc file system provided by many Unix 
operating systems. The behavior of some intercepted system calls is then modified to # 
implement new functionality. This approach does not require any relinking or recompilation of 
existing applications. In fact, the ... 

Keywords: file caching, global name space, proc file system, user-level operating system 
extensions 



8 RrotectL^ 

Mark D. Corner, Brian D. Noble 

May 2003 Proceedings of the 1st international conference on Mobile systems, 

applications and services MobiSys '03 
Publisher: ACM Press 

Full text available: pdf('294.4Q KB) Additional Information: full citation, abstract, references 

How does a machine know who is using it? Current systems authenticate their users 
infrequently, and assume the user's identity does not change. Such persistent authentication is 
inappropriate for mobile and ubiquitous systems, where associations between people and 
devices are fluid and unpredictable. We solve this problem with Transient Authentication, in 
which a small hardware token continuously authenticates the user's presence over a short- 
range, wireless link. We present the fo ... 



9 .SMefuldj^ 

John Reumann, Kang G. Shin 

February 2004 ACM Transactions on Computer Systems (TOCS), volume 22 Issue 1 
Publisher: ACM Press 

Full text available: ^pd£833.84.KBJ Additional Information: Ml. citation, abstract, references, index Jerms 

Interposition-based system enhancements for multitiered servers are difficult to build because 
important system context is typically lost at application and machine boundaries. For example, 
resource quotas and user identities do not propagate easily between cooperating services that 
execute on different hosts or that communicate with each other via intermediary services. 
Application-transparent system enhancement is difficult to achieve when such context 
information is obscured by complex servic ... 

Keywords: Distributed computing, component services, distributed context, multitiered 
services, operating systems, server consolidation 



Migrating sockets— end system support for networking with quality of service guarantees 
David K. Y. Yau, Simon S. Lam 

December 1998 IEEE/ ACM Transactions on Networking (TON), Volume 6 issue 6 
Publisher: IEEE Press 

Full text available: fj | pdff369.10 KB) Additional Information: full citation, references, index terms 
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Keywords: CPU scheduling, bandwidth scheduling, packet demultiplexing, quality of service 
guarantees, user level protocol 



11 Separating^ 

Robert Grimm, Brian N. Bershad 

February 2001 ACM Transactions on Computer Systems (TOCS), volume 19 issue l 
Publisher: ACM Press 

Full text available* fS I Ddf¥164 03 KB) Additional Information: Ml citation, abstract, references, cjtLnfls, index terms, 
' ^ ' * review 

Extensible systems, such as Java or the SPIN extensible operating system, allow for units of 
code, or extensions, to be added to a running system in almost arbitrary fashion. Extensions 
closely interact through low-latency but type-safe interfaces to form a tightly integrated 
system. . As extensions can come from arbitrary sources, not all of whom can be trusted to 
conform to an organization's security policy, such structuring raises the question of how 
security constraints are enforced in an ... 

Keywords: Java, SPIN, access check, auditing, extensible systems, policy-neutral 
enforcement, protection domain, protection domain transfer, security policy 



1 2 Distributed. operMing„syM3rn s 

Andrew S. Tanenbaum, Robbert Van Renesse 

December 1 985 ACM Computing Surveys (CSUR), volume 17 issue 4 
Publisher: ACM Press 

Full text available: fll pdff5.49 MB) Additional Information: Mlcitation, abstract, references, crtlnas, index terms, 



review 

Distributed operating systems have many aspects in common with centralized ones, but they 
also differ in certain ways. This paper is intended as an introduction to distributed operating 
systems, and especially to current university research about them. After a discussion of what 
constitutes a distributed operating system and how it is distinguished from a computer 
network, various key design issues are discussed. Then several examples of current research 
projects are examined in some detail ... 

13 Puzzjes.an^ 

Brent Waters, Ari Juels, J. Alex Halderman, Edward W. Felten 

October 2004 Proceedings of the 11th ACM conference on Computer and communications 

security 
Publisher: ACM Press 

Full text available: ^.pdf(382,1i„KB;. Additional Information: M cMion, abstract, rsMences, jndexterrns 

We explore new techniques for the use of cryptographic puzzles as a countermeasure to Denial- 
of-Service (DoS) attacks. We propose simple new techniques that permit the out-sourcing of 
puzzles; their distribution via a robust external service that we call a bastion. Many servers can 
rely on puzzles distributed by a single bastion. We show how a bastion, somewhat surprisingly, 
need not know which servers rely on its services. Indeed, in one of our constructions, a bastion 
may consist merely of ... 

Keywords: DoS, client puzzles, denial-of-service 



1 4 On incremental file system development 

Erez Zadok, Rakesh Iyer, Nikolai Joukov, Gopalan Sivathanu, Charles P. Wright 
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May 2006 ACM Transactions on Storage (TOS), volume 2 issue 2 
Publisher: ACM Press 

Full text available: 'gj pdff260.40 KB) Additional Information: full citation, abstract, references, index terms 

Developing file systems from scratch is difficult and error prone. Using layered, or stackable, 
file systems is a powerful technique to incrementally extend, the functionality of existing file 
systems on commodity OSes at runtime. In this article, we analyze the evolution of layering 
from historical models to what is found in four different present day commodity OSes: Solaris, 
FreeBSD, Linux, and Microsoft Windows. We classify layered file systems into five types based 
on their functionality and ... 

Keywords: I/O manager, IRP, Layered file systems, VFS, extensibility, stackable file systems, 
vnode 



15 Labels aM 

Petros Efstathopouios, Maxweli Krohn, Steve VanDeBogart, Cliff Frey, David Ziegler, Eddie Kohler, 
^ David Mazieres, Frans Kaashoek, Robert Morris 

October 2005 ACM SIGOPS Operating Systems Review , Proceedings of the twentieth ACM 

symposium on Operating systems principles SOSP '05, volume 39 issue 5 
Publisher: ACM Press 

Full text available: ^p.df(258,5S.KB} Additional Information: fuJl citatiOQ, abstract, references, index tejms 

Asbestos, a new prototype operating system, provides novel labeling and isolation mechanisms 
that help contain the effects of exploitable software flaws. Applications can express a wide 
range of policies with Asbestos's kernel-enforced label mechanism, including controls on inter- 
process communication and system-wide information flow. A new event process abstraction 
provides lightweight, isolated contexts within a single process, allowing the same process to act 
on behalf of multiple users while ... 

Keywords: event processes, information flow, labels, mandatory access control, secure web 
servers 



16 Experiences with the Amoeba distributed operating system 

Andrew S. Tanenbaum, Robbert van Renesse, Hans van Staveren, Gregory J. Sharp, Sape J. 
Mullender 

December 1990 Communications of the ACM, volume 33 issue 12 
Publisher: ACM Press 

Full text available- « pdfi2 71 MB) Additional Information: full citation, abstract, references, citings, index terms , 



review. 

The Amoeba project is a research effort aimed at understanding how to connect multiple 
computers in a seamless way [16, 17, 26, 27, 31]. The basic idea is to provide the users with 
the illusion of a single powerful timesharing system, when, in fact, the system is implemented 
on a collection of machines, potentially distributed among several countries. This research has 
led to the design and implementation of the Amoeba distributed operating system, which is 
being used as a prototype and veh ... 

Reiner Sailer, Trent Jaeger, Xiaolan Zhang, Leendert van Doom 

October 2004 Proceedings of the 11th ACM conference on Computer and communications 

security 
Publisher: ACM Press 

Full text available: ^pd.f(.26i.521.KBJ Additional Information: M.cjtatlQ.0, abstract, references, ln.dex.terms 
Intranet access has become an essential function for corporate users. At the same time, 
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corporation's security administrators have little ability to control access to corporate data once 
it is released to remote clients. At present, no confidentiality or integrity guarantees about the 
remote access clients are made, so it is possible that an attacker may have compromised a 
client process and is now downloading or modifying corporate data. Even though we have 
corporate-wide access control over ... 

Keywords: remote access, security management, trusted computing 



18 Experiences implementing a high performance TCP in user-space 
^' ec * Edwards, Steve Muir 

^ October 1995 ACM SIGCOMM Computer Communication Review , Proceedings of the 

conference on Applications, technologies, architectures, and protocols for 
computer communication SIGCOMM '95, volume 25 issue 4 
Publisher: ACM Press 

Full text available: ^p.dfQ ; 14„MB.i Additional Information: MLQMtiQf., abstract references, .cjtjngs, indexjenris 

The advantages of user-space protocols are well-known, but implementations often exhibit poor 
performance. This paper describes a user-space TCP implementation that outperforms a 
'normal' kernel TCP and that achieves 80% of the performance of a 'single-copy 1 TCP. 
Throughput of 160 Mbit/s has been measured. We describe some of the techniques we used 
and some of the problems we encountered. 

19 Termination in language-based systems 
|& Algis Rudys, Dan S. Wallach 

^ May 2002 ACM Transactions on Information and System Security (TISSEC), volume 5 issue 2 
Publisher: ACM Press 

Full text available: ^ pcif(355.43 KB) Additional Information: full citation, abstract, references, citings, index terms 

Language run-time systems are increasingly being embedded in systems to support run-time 
extensibility via mobile code. Such systems raise a number of concerns when the code running 
in such systems is potentially buggy or untrusted. Although sophisticated access controls have 
been designed for mobile code and are shipping as part of commercial systems such as Java, 
there is no support for terminating mobile code short of terminating the entire language run- 
time. This article presents a c ... 

Keywords: Applets, Internet, Java, resource control, soft termination, termination 



20 Access management for distributed systems: Feer-to-peer access control architecture 

jf^i using trusted computing technology 
Ravi Sandhu, Xinwen Zhang 

June 2005 Proceedings of the tenth ACM symposium on Access control models and 

technologies 
Publisher: ACM Press 

Full text available: ^j?dft2J.5,48..j<Bi Additional Information: fuJJ.cltat.i_Qn, abstract, references, Jndex temis 

It has been recognized for some time that software alone does not provide an adequate 
foundation for building a high-assurance trusted platform. The emergence of industry-standard 
trusted computing technologies promises a revolution in this respect by providing roots of trust 
upon which secure applications can be developed. These technologies offer a particularly 
attractive platform for security in peer-to-peer environments. In this paper we propose a 
trusted computing architecture to enforce ac ... 

Keywords: access control, policy enforcement, security architecture, trusted computing 
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